先电OpenStack搭建
本次搭建采用双节点安装,即controller node控制节点和compute node计算节点。enp8s0为内部管理网络,enp9s0为外部网络。存储节点安装操作系统时划分两个空白分区以sda,sdb为例。作为cinder和swift存储磁盘,搭建 ftp服务器作为搭建云平台的yum源。配置文件中密码需要根据实际环境进行配置。
1.1安装CentOS7说明
【CentOS7版本】
CentOS7系统选择1804版本:CentOS-7-x86_64-DVD-1804.iso
【空白分区划分】
CentOS7的安装与CentOS6.5的安装有明显的区别。在CentOS7安装过程中,设置分区都需要一个挂载点,这样一来就无法创建两个空白的磁盘分区作为cinder服务和swift服务的存储磁盘了。
所以我们应该在系统安装过程中留下足够的磁盘大小,系统安装完成后,使用命令parted划分新分区,然后使用mkfs.xfs进行文件系统格式化,完成空白分区的划分。具体命令如下:
[root@compute ~]# parted /dev/md126
(parted) mkpart swift 702G 803G //创建swift分区,从702G到803G
[root@compute ~]# mkfs.xfs /dev/md126p5
1.2配置网络、主机名
修改和添加/etc/sysconfig/network-scripts/ifcfg-enp*(具体的网口)文件。
(1)controller节点
配置网络:
enp8s0: 192.168.100.10
DEVICE=enp8s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.100.10
PREFIX=24
GATEWAY=192.168.100.1
enp9s0: 192.168.200.10
DEVICE=enp9s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.200.10
PREFIX=24
配置主机名:
hostnamectl set-hostname controller
按ctrl+d 退出 重新登陆
(2)compute 节点
配置网络:
enp8s0: 192.168.100.20
DEVICE=enp8s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.100.20
PREFIX=24
GATEWAY=192.168.100.1
enp9s0: 192.168.200.20
DEVICE=enp9s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.200.20
PREFIX=24
配置主机名:
hostnamectl set-hostname compute
按ctrl+d 退出 重新登陆
1.3配置yum源
#Controller和compute节点
(1)yum源备份
#mv /etc/yum.repos.d/* /opt/
(2)创建repo文件
【controller】
在/etc/yum.repos.d创建centos.repo源文件
[centos]
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=file:///opt/iaas-repo
gpgcheck=0
enabled=1
【compute】
在/etc/yum.repos.d创建centos.repo源文件
[centos]
name=centos
baseurl=ftp://192.168.100.10/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=ftp://192.168.100.10/iaas-repo
gpgcheck=0
enabled=1
(3)挂载iso文件
【挂载CentOS-7-x86_64-DVD-1804.iso】
[root@controller ~]# mount -o loop CentOS-7-x86_64-DVD-1804.iso /mnt/
[root@controller ~]# mkdir /opt/centos
[root@controller ~]# cp -rvf /mnt/* /opt/centos/
[root@controller ~]# umount /mnt/
【挂载XianDian-IaaS-v2.4.iso】
[root@controller ~]# mount -o loop XianDian-IaaS-v2.4.iso /mnt/
[root@controller ~]# cp -rvf /mnt/* /opt/
[root@controller ~]# umount /mnt/
(4)搭建ftp服务器,开启并设置自启
[root@controller ~]# yum install vsftpd -y
[root@controller ~]# vi /etc/vsftpd/vsftpd.conf
添加anon_root=/opt/
保存退出
[root@controller ~]# systemctl start vsftpd
[root@controller ~]# systemctl enable vsftpd
(5)配置防火墙和Selinux
【controller/compute】
编辑selinux文件
vi /etc/selinux/config
SELINUX=permissive
关闭防火墙并设置开机不自启
systemctl stop firewalld.service
systemctl disable firewalld.service
yum remove -y NetworkManager firewalld
yum -y install iptables-services
systemctl enable iptables
systemctl restart iptables
iptables -F
iptables -X
iptables -Z
service iptables save
(6)清除缓存,验证yum源
【controller/compute】
yum clean all
yum list
1.4编辑环境变量
controller和compute节点
yum install iaas-xiandian -y
编辑文件/etc/xiandian/openrc.sh,此文件是安装过程中的各项参数,根据每项参数上一行的说明及服务器实际情况进行配置。
HOST_IP=192.168.100.10
HOST_PASS=000000
HOST_NAME=controller
HOST_IP_NODE=192.168.100.20
HOST_PASS_NODE=000000
HOST_NAME_NODE=compute
network_segment_IP=192.168.100.0/24
RABBIT_USER=openstack
RABBIT_PASS=000000
DB_PASS=000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000
KEYSTONE_DBPASS=000000
GLANCE_DBPASS=000000
GLANCE_PASS=000000
NOVA_DBPASS=000000
NOVA_PASS=000000
NEUTRON_DBPASS=000000
NEUTRON_PASS=000000
METADATA_SECRET=000000
INTERFACE_IP=192.168.100.10/192.168.100.20(controllerIP/computeIP)
INTERFACE_NAME=enp9s0 (外部网络网卡名称)
Physical_NAME=provider (外部网络适配器名称)
minvlan=101 (vlan网络范围的第一个vlanID)
maxvlan=200 (vlan网络范围的最后一个vlanID)
CINDER_DBPASS=000000
CINDER_PASS=000000
BLOCK_DISK=md126p4 (空白分区)
SWIFT_PASS=000000
OBJECT_DISK=md126p5 (空白分区)
STORAGE_LOCAL_NET_IP=192.168.100.20
HEAT_DBPASS=000000
HEAT_PASS=000000
ZUN_DBPASS=000000
ZUN_PASS=000000
KURYR_DBPASS=000000
KURYR_PASS=000000
CEILOMETER_DBPASS=000000
CEILOMETER_PASS=000000
AODH_DBPASS=000000
AODH_PASS=000000
1.5通过脚本安装服务
1.6-1.8的基础配置操作命令已经编写成shell脚本,通过脚本进行一键安装。如下:
Controller节点和Compute节点
执行脚本iaas-pre-host.sh进行安装
[root@controller ~]# iaas-pre-host.sh
安装完成后同时重启
[root@controller ~]# reboot
1.6安装Openstack包
controller和compute节点
yum -y install openstack-utils openstack-selinux python-openstackclient
yum upgrade
1.7配置域名解析
修改/etc/hosts添加一下内容
(1)controller 节点
192.168.100.10 controller
192.168.100.20 compute
(2)compute 节点
192.168.100.10 controller
192.168.100.20 compute
1.8安装chrony服务
(1)controller和compute节点
yum install -y chrony
(2)配置controller节点
编辑/etc/chrony.conf文件
添加以下内容(删除默认sever规则)
server controller iburst
allow 192.168.100.0/24
local stratum 10
启动ntp服务器
systemctl restart chronyd
systemctl enable chronyd
(3)配置compute节点
编辑/etc/chrony.conf文件
添加以下内容(删除默认sever规则)
server controller iburst
启动ntp服务器
systemctl restart chronyd
systemctl enable chronyd
1.9通过脚本安装数据库服务
1.10-1.13基础服务的操作命令已经编写成shell脚本,通过脚本进行一键安装。如下:
Controller节点
执行脚本iaas-install-mysql.sh进行安装
1.10安装Mysql数据库服务
(1)安装mysql服务
yum install -y mariadb mariadb-server python2-PyMySQL
(2)修改mysql配置文件参数
修改 /etc/my.cnf文件[mysqld]中添加
max_connections=10000
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = ‘SET NAMES utf8’
character-set-server = utf8
(3)启动服务
#systemctl enable mariadb.service
#systemctl start mariadb.service
(4)修改/usr/lib/systemd/system/mariadb.service文件参数
[Service]
新添加两行如下参数:
LimitNOFILE=10000
LimitNPROC=10000
(5)修改/etc/my.cnf.d/auth_gssapi.cnf文件参数
[mariadb]
注释一行参数
#plugin-load-add=auth_gssapi.so
(6)重新加载系统服务,并重启mariadb服务
systemctl daemon-reload
service mariadb restart
(7)配置Mysql
mysql_secure_installation
按enter确认后设置数据库root密码
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
(8)compute节点
#yum -y install MySQL-python
1.11安装RabbitMQ服务
yum install -y rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl restart rabbitmq-server.service
rabbitmqctl add_user $RABBIT_USER $RABBIT_PASS
rabbitmqctl set_permissions $RABBIT_USER “." ".” “.*”
1.12安装memcahce服务
yum install memcached python-memcached
systemctl enable memcached.service
systemctl restart memcached.service
1.13 安装etcd服务
yum install etcd –y
(1)修改/etc/etcd/etcd.conf配置文件,添加以下内容:
ETCD_LISTEN_PEER_URLS=“http://192.168.100.10:2380”
ETCD_LISTEN_CLIENT_URLS=“http://192.168.100.10:2379”
ETCD_NAME=“controller”
ETCD_INITIAL_ADVERTISE_PEER_URLS=“http://192.168.100.10:2380”
ETCD_ADVERTISE_CLIENT_URLS=“http://192.168.100.10:2379”
ETCD_INITIAL_CLUSTER=“controller=http://192.168.100.10:2380”
ETCD_INITIAL_CLUSTER_TOKEN=“etcd-cluster-01”
ETCD_INITIAL_CLUSTER_STATE=“new”
(2)启动服务
systemctl start etcd
systemctl enable etcd
2 安装Keystone认证服务
#Controller
2.1 通过脚本安装keystone服务
2.2-2.10的认证服务的操作命令已经编写成shell脚本,通过脚本进行一键安装。如下:
Controller节点
执行脚本iaas-install-keystone.sh进行安装。
2.2安装keystone服务软件包
yum install -y openstack-keystone httpd mod_wsgi
2.3创建Keystone数据库
mysql –u root -p(此处数据库密码为之前安装Mysql设置的密码) mysql> CREATE DATABASE keystone; mysql> GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’ IDENTIFIED BY ‘KEYSTONE_DBPASS’; mysql> GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘%’ IDENTIFIED BY ‘KEYSTONE_DBPASS’; mysql> exit
2.4配置数据库连接
crudini --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone: K E Y S T O N E D B P A S S @ KEYSTONE_DBPASS@ KEYSTONEDBPASS@HOST_NAME/keystone
2.5为keystone服务创建数据库表
su -s /bin/sh -c “keystone-manage db_sync” keystone
2.6创建令牌
#ADMIN_TOKEN=$(openssl rand -hex 10)
crudini --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
crudini --set /etc/keystone/keystone.conf token provider fernet
2.7创建签名密钥和证书
#keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
#keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
修改/etc/httpd/conf/httpd.conf配置文件将ServerName www.example.com:80 替换为ServerName controller
创建/etc/httpd/conf.d/wsgi-keystone.conf文件,内容如下:
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LimitRequestBody 114688
= 2.4>
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone.log
CustomLog /var/log/httpd/keystone_access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LimitRequestBody 114688
= 2.4>
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone.log
CustomLog /var/log/httpd/keystone_access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
Alias /identity /usr/bin/keystone-wsgi-public
<Location /identity>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup keystone-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
Alias /identity_admin /usr/bin/keystone-wsgi-admin
<Location /identity_admin>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup keystone-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
#systemctl enable httpd.service #systemctl start httpd.service 2.8定义用户、租户和角色 (1)设置环境变量 export OS_TOKEN=$ADMIN_TOKEN export OS_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 (2)创建keystone相关内容 openstack service create --name keystone --description "OpenStack Identity" identity openstack endpoint create --region RegionOne identity public http://$HOST_NAME:5000/v3 openstack endpoint create --region RegionOne identity internal http://$HOST_NAME:5000/v3 openstack endpoint create --region RegionOne identity admin http://$HOST_NAME:35357/v3
openstack domain create --description “Default Domain” $DOMAIN_NAME
openstack project create --domain $DOMAIN_NAME --description “Admin Project” admin
openstack user create --domain $DOMAIN_NAME --password $ADMIN_PASS admin
openstack role create admin
openstack role add --project admin --user admin admin
openstack project create --domain $DOMAIN_NAME --description “Service Project” service
openstack project create --domain $DOMAIN_NAME --description “Demo Project” demo
openstack user create --domain $DOMAIN_NAME --password KaTeX parse error: Expected 'EOF', got '#' at position 104: …user (3)清除环境变量 #̲unset OS_TOKEN …DOMAIN_NAME
export OS_USER_DOMAIN_NAME= D O M A I N N A M E e x p o r t O S P R O J E C T N A M E = d e m o e x p o r t O S U S E R N A M E = d e m o e x p o r t O S P A S S W O R D = DOMAIN_NAME export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD= DOMAINNAMEexportOSPROJECTNAME=demoexportOSUSERNAME=demoexportOSPASSWORD=DEMO_PASS
export OS_AUTH_URL=http:// H O S T N A M E : 5000 / v 3 e x p o r t O S I D E N T I T Y A P I V E R S I O N = 3 e x p o r t O S I M A G E A P I V E R S I O N = 22.10 创 建 a d m i n − o p e n r c . s h 创 建 a d m i n 环 境 变 量 a d m i n − o p e n r c . s h e x p o r t O S P R O J E C T D O M A I N N A M E = HOST_NAME:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 2.10创建admin-openrc.sh 创建admin环境变量admin-openrc.sh export OS_PROJECT_DOMAIN_NAME= HOSTNAME:5000/v3exportOSIDENTITYAPIVERSION=3exportOSIMAGEAPIVERSION=22.10创建admin−openrc.sh创建admin环境变量admin−openrc.shexportOSPROJECTDOMAINNAME=DOMAIN_NAME
export OS_USER_DOMAIN_NAME= D O M A I N N A M E e x p o r t O S P R O J E C T N A M E = a d m i n e x p o r t O S U S E R N A M E = a d m i n e x p o r t O S P A S S W O R D = DOMAIN_NAME export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD= DOMAINNAMEexportOSPROJECTNAME=adminexportOSUSERNAME=adminexportOSPASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://$HOST_NAME:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
生效环境变量
#source admin-openrc.sh
3 安装Glance镜像服务
#Controller
3.1 通过脚本安装glance服务
3.2-3.9的镜像服务的操作命令已经编写成shell脚本,通过脚本进行一键安装。如下:
Controller 节点
执行脚本iaas-install-glance.sh进行安装
3.2 安装Glance镜像服务软件包文章来源:https://www.toymoban.com/news/detail-427112.html
yum install -y openstack-glance
3.3创建Glance数据库
#mysql -u root -p
mysql> CREATE DATABASE glance;
mysql> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@‘localhost’ IDENTIFIED BY ‘GLANCE_DBPASS’;
mysql> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@‘%’ IDENTIFIED BY ‘GLANCE_DBPASS’;
3.4配置数据库连接文章来源地址https://www.toymoban.com/news/detail-427112.html
crudini --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance: G L A N C E D B P A S S @ GLANCE_DBPASS@ GLANCEDBPASS@HOST_NAME/glance
crudini --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance: G L A N C E D B P A S S @ GLANCE_DBPASS@ GLANCED
到了这里,关于先电OpenStack搭建的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!